Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > uk.comp.homebuilt > #60671 > unrolled thread

On device enforcement of age verification?

Started byDavid <wibble@btinternet.com>
First post2026-06-16 13:09 +0000
Last post2026-06-17 08:11 +0000
Articles 12 — 8 participants

Back to article view | Back to uk.comp.homebuilt


Contents

  On device enforcement of age verification? David <wibble@btinternet.com> - 2026-06-16 13:09 +0000
    Re: On device enforcement of age verification? Theo <theom+news@chiark.greenend.org.uk> - 2026-06-16 14:56 +0100
      Re: On device enforcement of age verification? Ian <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> - 2026-06-16 16:58 +0000
        Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-16 22:48 +0100
          Re: On device enforcement of age verification? Mike Scott <usenet.16@scottsonline.org.uk.invalid> - 2026-06-17 08:24 +0100
            Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-17 08:44 +0100
    Re: On device enforcement of age verification? Chris <ithinkiam@gmail.com> - 2026-06-16 14:29 +0000
      Re: On device enforcement of age verification? "s|b" <me@privacy.invalid> - 2026-06-16 17:03 +0200
        Re: On device enforcement of age verification? Chris <ithinkiam@gmail.com> - 2026-06-16 23:31 +0000
          Re: On device enforcement of age verification? "s|b" <me@privacy.invalid> - 2026-06-17 15:48 +0200
    Re: On device enforcement of age verification? Richard Kettlewell <invalid@invalid.invalid> - 2026-06-16 17:27 +0100
      Re: On device enforcement of age verification? Gordon <Gordon@leaf.net.nz> - 2026-06-17 08:11 +0000

#60671 — On device enforcement of age verification?

FromDavid <wibble@btinternet.com>
Date2026-06-16 13:09 +0000
SubjectOn device enforcement of age verification?
Message-ID<n9d08kFbucoU4@mid.individual.net>
I was wondering how they expected to do this.

Are they assuming that all access to social media will be via a mobile 
phone or tablet?

I can't see on device enforcement working for a PC.
Even if Apple and Microsoft cave, there are older versions of Windows and 
a whole raft of Linux distributions.

Perhaps I should hang onto my stock of non W10 compatible devices to 
install Linux (or other Unix-a-like) to rent out to mid-teens to stay 
connected.

Cheers



Dave R

-- 
AMD FX-6300 in GA-990X-Gaming SLI-CF running Windows 10 x64

-- 
This email has been checked for viruses by Avast antivirus software.
www.avast.com

[toc] | [next] | [standalone]


#60672

FromTheo <theom+news@chiark.greenend.org.uk>
Date2026-06-16 14:56 +0100
Message-ID<+7F*cwfJA@news.chiark.greenend.org.uk>
In reply to#60671
David <wibble@btinternet.com> wrote:
> I was wondering how they expected to do this.
> 
> Are they assuming that all access to social media will be via a mobile 
> phone or tablet?
> 
> I can't see on device enforcement working for a PC.
> Even if Apple and Microsoft cave, there are older versions of Windows and 
> a whole raft of Linux distributions.
> 
> Perhaps I should hang onto my stock of non W10 compatible devices to 
> install Linux (or other Unix-a-like) to rent out to mid-teens to stay 
> connected.

For the NY or California laws, it's about the user having an OS level
age flag[*].  That's set up when the user account is created, eg by the
administrator or the parent who does the first setup.  Then apps (and
presumably web apps via a web API) can query the flag as to whether the user
is of age and decide whether to enable certain risky features.

That means you can give a phone or laptop to a child and 'adult' apps won't
work.  Presumably they can't trivially reset the flag without the
administrator password, which they'd have to ask the parent for.

On PCs you could always reformat the PC and install OpenBSD, but the parent
might notice.  Parents could also enroll the PC in MDM to prevent a factory
reset if they wanted.

Some Linux/BSD distros are/have implemented such a feature:
https://github.com/BryanLunduke/DoesItAgeVerify


[*] not sure the specifics, but I assume it would only report coarse-grained
outputs, like 'under 13', '13-16', '16-18', '18+' rather than the actual
birthday.  That's how Midnight BSD does it:
https://github.com/MidnightBSD/src/blob/master/usr.sbin/aged/aged.8#L114

[toc] | [prev] | [next] | [standalone]


#60676

FromIan <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com>
Date2026-06-16 16:58 +0000
Message-ID<slrn113304r.3j0.${send-direct-email-to-news1021-at-jusme-dot-com-i@vm46.home.jusme.com>
In reply to#60672
On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote:

> On PCs you could always reformat the PC and install OpenBSD

Don't forget Microsoft controls the bootloader on all modern PCs[1].

Not a huge step to these "apps" requiring a "secure" OS on a "secure"
device. There's a reason a TPM is required for Windows 11, and it
ain't for the users benefit...

</tinfoilhat>


[1] https://www.redhat.com/en/blog/expiration-secure-boot-signing-certificates-2026

-- 
Ian

"Tamahome!!!" - "Miaka!!!"

[toc] | [prev] | [next] | [standalone]


#60677

FromRichard Kettlewell <invalid@invalid.invalid>
Date2026-06-16 22:48 +0100
Message-ID<wwvik7ib1ic.fsf@LkoBDZeT.terraraq.uk>
In reply to#60676
Ian
<${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com>
writes:
> On 2026-06-16, Theo <theom+news@chiark.greenend.org.uk> wrote:
>
>> On PCs you could always reformat the PC and install OpenBSD
>
> Don't forget Microsoft controls the bootloader on all modern PCs[1].

No. The thing they control is the signing key which modern PCs trust by
default. But that does not represent full control of the boot loader by
any means: you can disable secure boot, generally very easily (I have
done it a number of times for pragmatic reasons, most recently this
evening as a temporary measure).

You can also install your own keys.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]


#60679

FromMike Scott <usenet.16@scottsonline.org.uk.invalid>
Date2026-06-17 08:24 +0100
Message-ID<110ti3a$1mcr1$1@dont-email.me>
In reply to#60677
On 16/06/2026 22:48, Richard Kettlewell wrote:
> you can disable secure boot, generally very easily

Until the makers remove the 'disable secure boot' option, that is. Along 
with the ability to install new keys. ("key's expired guv? Just buy a 
new mobo").

It makes me uncomfortable that MS seem to 'own' the secure keys to the 
world's PCs.


-- 
Mike Scott
Harlow, England

[toc] | [prev] | [next] | [standalone]


#60680

FromRichard Kettlewell <invalid@invalid.invalid>
Date2026-06-17 08:44 +0100
Message-ID<wwvtsr1626f.fsf@LkoBDZeT.terraraq.uk>
In reply to#60679
Mike Scott <usenet.16@scottsonline.org.uk.invalid> writes:
> On 16/06/2026 22:48, Richard Kettlewell wrote:
>> you can disable secure boot, generally very easily
>
> Until the makers remove the 'disable secure boot' option, that
> is. Along with the ability to install new keys. ("key's expired guv?
> Just buy a new mobo").

That’s purely speculative; it’s not happened in 15 years of secure boot
on PCs. (Also it would violate Microsoft’s Windows hardware
compatibility requirements.)

> It makes me uncomfortable that MS seem to 'own' the secure keys to the
> world's PCs.

I’d rather it was someone more independent too, but Microsoft have the
technical capability to get it right and very strong incentives to do so
(anything they sign impacts the entire Windows customer base).

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]


#60673

FromChris <ithinkiam@gmail.com>
Date2026-06-16 14:29 +0000
Message-ID<110rmjc$167ed$2@dont-email.me>
In reply to#60671
David <wibble@btinternet.com> wrote:
> I was wondering how they expected to do this.
> 
> Are they assuming that all access to social media will be via a mobile 
> phone or tablet?
> 
> I can't see on device enforcement working for a PC.
> Even if Apple and Microsoft cave, there are older versions of Windows and 
> a whole raft of Linux distributions.
> 
> Perhaps I should hang onto my stock of non W10 compatible devices to 
> install Linux (or other Unix-a-like) to rent out to mid-teens to stay 
> connected.

I believe this is to counter some of the gaps in the Australian system.
Although many child accounts on social media were shut down, about 70% of
children are still accessing SM. 

Having one source of truth (i.e. the device) should be more effective. 

Yes, it'll work far less with (Widows) PCs, but then you don't see kids on
the bus carrying their Dells ;) 

The downside is that we will *all* have to do this to prove we are not
children. 

[toc] | [prev] | [next] | [standalone]


#60674

From"s|b" <me@privacy.invalid>
Date2026-06-16 17:03 +0200
Message-ID<n9d6stFdt9lU2@mid.individual.net>
In reply to#60673
On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:

> I believe this is to counter some of the gaps in the Australian system.
> Although many child accounts on social media were shut down, about 70% of
> children are still accessing SM. 

I was never about the children...

-- 
s|b

[toc] | [prev] | [next] | [standalone]


#60678

FromChris <ithinkiam@gmail.com>
Date2026-06-16 23:31 +0000
Message-ID<110smd6$1g320$1@dont-email.me>
In reply to#60674
s|b <me@privacy.invalid> wrote:
> On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:
> 
>> I believe this is to counter some of the gaps in the Australian system.
>> Although many child accounts on social media were shut down, about 70% of
>> children are still accessing SM. 
> 
> I was never about the children...

That's false. Don't fall for the techbro narrative. 

[toc] | [prev] | [next] | [standalone]


#60682

From"s|b" <me@privacy.invalid>
Date2026-06-17 15:48 +0200
Message-ID<n9fmt6FptfsU1@mid.individual.net>
In reply to#60678
On Tue, 16 Jun 2026 23:31:50 -0000 (UTC), Chris wrote:

> s|b <me@privacy.invalid> wrote:
> > On Tue, 16 Jun 2026 14:29:00 -0000 (UTC), Chris wrote:
> > 
> >> I believe this is to counter some of the gaps in the Australian system.
> >> Although many child accounts on social media were shut down, about 70% of
> >> children are still accessing SM. 
> > 
> > I was never about the children...
 
> That's false. Don't fall for the techbro narrative. 

Don't tell me you believe it was all about the children?

-- 
s|b

[toc] | [prev] | [next] | [standalone]


#60675

FromRichard Kettlewell <invalid@invalid.invalid>
Date2026-06-16 17:27 +0100
Message-ID<wwvfr2mmow9.fsf@LkoBDZeT.terraraq.uk>
In reply to#60671
David <wibble@btinternet.com> writes:
> I was wondering how they expected to do this.
>
> Are they assuming that all access to social media will be via a mobile 
> phone or tablet?
>
> I can't see on device enforcement working for a PC.
> Even if Apple and Microsoft cave, there are older versions of Windows and 
> a whole raft of Linux distributions.

If the device can’t/won’t provide sufficient information there are
plenty of fallbacks to establish a lower bound on age.

Most obviously, age can be recovered from identity, and tools for
confirming identity online are well-established and already heavily used
by the financial sector and government.

There are also indirect approaches, e.g. being able to authorize a
credit card transaction.


Personally I think social media should be restricted to people with
basic critical thinking skills, rather than purely on age.

-- 
https://www.greenend.org.uk/rjk/

[toc] | [prev] | [next] | [standalone]


#60681

FromGordon <Gordon@leaf.net.nz>
Date2026-06-17 08:11 +0000
Message-ID<n9f359Fmkm9U3@mid.individual.net>
In reply to#60675
On 2026-06-16, Richard Kettlewell <invalid@invalid.invalid> wrote:
> David <wibble@btinternet.com> writes:
>> I was wondering how they expected to do this.
>>
>> Are they assuming that all access to social media will be via a mobile 
>> phone or tablet?
>>
>> I can't see on device enforcement working for a PC.
>> Even if Apple and Microsoft cave, there are older versions of Windows and 
>> a whole raft of Linux distributions.
>
> If the device can’t/won’t provide sufficient information there are
> plenty of fallbacks to establish a lower bound on age.
>
> Most obviously, age can be recovered from identity, and tools for
> confirming identity online are well-established and already heavily used
> by the financial sector and government.
>
> There are also indirect approaches, e.g. being able to authorize a
> credit card transaction.
>
>
> Personally I think social media should be restricted to people with
> basic critical thinking skills, rather than purely on age.
>
That would be very useful.

[toc] | [prev] | [standalone]


Back to top | Article view | uk.comp.homebuilt


csiph-web